Almost fooled by the Facebook photo virus mail

Oh Yikes. this is a screenshot of an email I received…

image

I VERY nearly clicked on this link whilst triaging my email.

The only thing that alerted me to the fact that there might be an issue, was the wierd URL that popped up when I hovered over the link.

I was also curious about the port number 8887 so I checked online.  something dodgy seemed to be going on…

I also went to the URL http://sv001.facebook–security.com – which of course doesn’t resolve to anything.  Even more reason to be suspicious.

But for me, the worst thing is… I don’t know anyone called David Ross… and Facebook never send mail to that particular email address.  so why did I, still geeky, still technical, almost fall for it?

I’m kicking myself now for ‘almost’ clicking the link.  I was SO close…

But how many others have just clicked on it and suffered the consequences.. Grrr…

 

Eileen is a social business strategist and author of Working The Crowd: Social Media Marketing for Business. Contact her to find out how she can help your business extend its reach.

 

Technorati Tags: ,,,,

9 thoughts on “Almost fooled by the Facebook photo virus mail

  1. Rhoni MacDonald

    Can you tell me anything more about this virus? I think it’s just killed my computer! I unfortunately do know a David Ross😦

    1. eileenb Post author

      found somemore stuff – Also try this…

      First, uninstall the application. Go to Applications->Edit Applications in the bottom left of the chat bar. Make sure “Show: Recently Used” is selected in the drop down box in the top right on the Edit Applications page. Check those apps, look for an app called “Tagged?,” and uninstall it. If you don’t see “Tagged?,” check for other apps that you did not install and get rid of them. Next, it would be worthwhile to change your Facebook password for good measure.

      Finally, report the link. In your Notifications, right click the link and copy it from the notification in question. Go to this page, fill out the form, and submit.

      From http://casabona.org/blog/2010/01/18/facebook-photo-virus/

  2. seebag

    I was naive enough to click on this link. As a novice please can I get some advice. I’m running Windows XP. I first disconnected my Internet connection. I’ve done a full AVG scan which discovered 6 instances of “…may contain a virus” , and AVG eliminated those threats. i ran a full Malwarebytes scan which revealed no threats.I ran AVG Root Kits check – zero errors.I ran a Registry First Aid scan which revealed and fixed the usual quantity I get weekly about 30. I’ve tried looking for Tagged? in Add/Remove Progarms (is that the right place to look?) and it wasnt there. I spotted ALOT Toolbar which I didnt recognise and removed it. I can also see Xvid 1.2.1 final uninstall which I don’t recognise but have not touched that yet. Early days but I’ve started to look around the PC for oddities. The only one I’ve found so far is in the Control Panel display of icons there was a “hole” ie a physical white space between Printers and Faxes AND Realtek HD Sound Effects. I’ve no idea if anything was there before today. Switching view toList and then back to icons, the “hole” is no longer there and the two mentioned above are now contiguous. One concern is if this was a new virus will AVG and Malware have caught up with a solution yet, especially as I’m still disconnected from the Internet. Advice would be much appreciated.

  3. eileenb Post author

    If your account has recently been used to send spam, please visit one or more of the online antivirus scanners and reset your password on Facebook.

    http://www.kaspersky.com/virusscanner
    http://security.symantec.com
    http://us.mcafee.com/root/mfs/scan.asp?affid=56
    http://www.bitdefender.com/scan8
    http://ca.com/securityadvisor/virusinfo/scan.aspx
    http://www.pandasecurity.com/homeusers/solutions/activescan

    More info here: http://visibleprocrastinations.wordpress.com/2011/11/03/facebook-photo-comment-phishing/

    …and don’t forget to change all of your other online passwords – from a different machine..

  4. seebag

    All this using a different computer to the one where I clicked the dreaded link –
    I’m new to Facebook and my account is very new, with just 2 links to business FB pages. I’m struggling with the delete apps instructions. When I go to account settings and click on Apps it says “You have not authorised any apps to interact with your Facebook account”, but when I go to Home there is a long list (10) of apps like Photos, Links, Music etc. This corresponds with my wife’s unaffected FB a/c. Are these standard issue? Does the lack of any difference between her a/c and mine on Apps mean I’m safe?
    Is there an easy way to tell if I’ve sent any spam?
    I’ve reset my FB password, and started in on changing all my other passwords, starting with banks and Paypal.
    I’ll then get back on to the ill-fated computer tomorrow, get Malware and virus check libraries bang up to date and do full scans again. Sorry to be a pain with all this but it’s all rather worrying. Many thanks for your help.

    1. eileenb Post author

      This ISN’T a Facebook issue. it’s a phishing issue.
      The email was designed to get you to click the link. When you clicked it a script may, or may no, have run on your PC (I think you’re safe on a Mac). This script might have done some of the following:

      Collected personal information from your computer e.g credit card details, web site passwords and other log on details
      Collected personal information about you e.g address, age, date of birth in order to steal your identity
      Collected inforation about your browsing habits – to send you targeted adverts

      Additionally, if you were also logged on to Facebook at the time it might have:
      Added an application to Faceboook to harvest information about your Facebook friends.

      Running as many different virus checkers might find the culprit and get rid of it, but if this had happened to me, I personally wouldn’t be happy until I’d formatted the machine and completely reinstalled everything fresh – just in case there was something lurking there.
      You’ll know if you’ve sent any spam from your email address due to the bounced emails your’ll get in your inbox from others you’ve sent this too. My thoughts are that this is a plot to harvest your personal information for use in the future – The best course of action is to change all of your passwords – and make SURE you know what you click on in the future…

    2. seebag

      Thanks so much Eileen for taking the time and trouble to help. I will follow all your advice (most done already, and all online financial accounts have checked ok). Thankfully no bounced emails, but will remain vigilant. Lesson well and truly learned – there’s now a big notice above my PC “Beware Emails”. Thanks again to one of the good guys.

Comments are closed.